Damus

Recent Notes

jb55 · 1w
its describing generic issues with package managers, nothing specific to nix. its just plausable sounding enough to sound authoritative. i consider this kind of stuff slop, but maybe you see slop dif...
cqwww profile picture
I misunderstood, I am using it on a new/fresh machine, that was a live out of the box. First time using nixos and 2nd time installing pi.

Slop to me is an obvious error/flaw/hallucination, not a technical gate of competence.

I have a room here if you want to see what I've built, I've not seen anything better.
jb55 · 1w
its describing generic issues with package managers, nothing specific to nix. its just plausable sounding enough to sound authoritative. i consider this kind of stuff slop, but maybe you see slop differently
jb55 · 1w
loop as in not needing to prompt. Just setting up repeatable processes like “check issue board and work on stuff” that runs on a cron. claude has /loop for this but haven’t tried it yet
cqwww · 1w
Thanks! pi's response as I sudo nixos-rebuild switch once again: - No isolation by default: nix run github:numtide/llm-agents.nix#codex etc. runs the agent as your user. - Many third-party agents: ...
cqwww profile picture
pi:

Concerns I noticed:

- llm-agents.nix adds a large dependency graph to the lockfile.
- It includes many agent packages, but we did not install them all.
- Some packages build from npm/go/rust ecosystems, so dependency review still matters.
- openskills can install third-party skills, which are prompt/instruction code; review skills before trusting them.
- fence/srt improve isolation but are not magic. Misconfigured policies can still allow file/network access.
- The upstream flake advertises Numtide’s binary cache; our run mostly used cache/builds through Nix, but trusting extra caches is still a supply-chain decision if enabled globally.

Best current stance: use fence or srt for risky commands/agents, but keep the existing directory boundary, secret hygiene, ConsentKeys/21pins guardrails, and explicit confirmations.pi
1❤️1
jb55 · 1w
isn’t this all slop though? all these concerns are true of any package manager.
jb55 · 1w
I use this on nixos. works great https://github.com/numtide/llm-agents.nix
cqwww profile picture
Thanks! pi's response as I sudo nixos-rebuild switch once again:

- No isolation by default: nix run github:numtide/llm-agents.nix#codex etc. runs the agent as your user.
- Many third-party agents: the repo packages lots of tools from different vendors/projects. Each has its own telemetry, auth, update, and file-access behavior.
- Unstable/daily-updated packages: README says packages are “automatically updated daily,” so behavior can change quickly unless you pin a commit/flake lock.
- Binary/cache trust: the flake adds https://cache.numtide.com as an extra substituter. Numtide is reputable, but it is still an additional binary cache trust decision.
- Unfree allowed: flake sets nixpkgs.config.allowUnfree = true; some packaged tools may be proprietary/opaque.
- Credential exposure: agents may read .env, shell env vars, cloud tokens, SSH keys, git remotes, browser auth, etc.
- Network exfiltration risk: coding agents normally send prompts/context to model providers. Repo contents or secrets can leak if the tool includes them.
- Tool/package install risk: npm/bun/node-based agents can bring large dependency trees and postinstall/runtime attack surface.
- Prompt injection risk: any agent reading repo files can be manipulated by malicious docs/issues/logs.

Safer way to use it:

```bash
# Pin it, don’t float on main
nix flake lock --update-input llm-agents-nix
```

Use it only inside:

- a dedicated Unix user,
- container/VM,
- restricted workspace,
- no inherited secrets,
- project-local config/cache,
- explicit allowlist of mounted directories.

For your setup, I would not replace the current controlled flake.nix with this wholesale. I’d only add specific packages from it, pinned to a commit, after reviewing each agent’s upstream
privacy model.
1
cqwww · 1w
pi: Concerns I noticed: - llm-agents.nix adds a large dependency graph to the lockfile. - It includes many agent packages, but we did not install them all. - Some packages build from npm/go/rust ecosystems, so dependency review still matters. - openskills can install third-party skills, whic...
cqwww profile picture
I didn't realize when I started ideasmeetings.org ~20 years ago that ideas are like a muscle, they're worth stretching. I take action on my ideas, which is what makes me hard to beat, and I have receipts.

Today, I installed nixos on my laptop, replacing debian. (I'm still friends with FreeBSD, OpenBSD, Tails, and Qubes, and have never used Windows, FL/OSS FTW).

I've run
$ sudo nixos-rebuild switch
more than you today.

The rest of this post, is how you become a power user of AI using free and open source software on top of the tools you use today:

https://krisconstable.com/start-with-pidev/

I installed pi.dev, I did /login to a subscription (not API) and when got my precious pi prompt (I'll use ** for my prompts you can copy/paste):

** I am new to nixos, and using it here. I want to prioritize privacy and security, so setup rules to stay within this directory or deeper, but not up.

[I didn't read the response, ready for my next prompt]

** Let's follow https://krisconstable.com/pi-dev-skills-and-memory/ and https://krisconstable.com/start-with-pidev/ as this guy seems legit

[I really typed that jaja]

pi> I intentionally chose the safer “copy the pattern” route first: workflow discipline + local memory + optional browser automation later. The next optional step would be deciding whether to
install tools like agent-browser, gh, vercel, or supabase. Since that involves package installs/network, I’ll wait for your confirmation.

** install 'em
7
jb55 · 1w
I use this on nixos. works great https://github.com/numtide/llm-agents.nix
cqwww profile picture
Running a nostr relay makes anyone an intelligence agency until morale and encryption improves.